Mobile devices are becoming a standard accessory for people in commercial and business environments, as much as car keys and purses. In contrast to conventional accessories, mobile devices have the ability to communicate with WLANs and other networks while on the move. This communication allows entities to collect analytics about, for example, consumer behavior while in a store, from both an individual level and an aggregate level. As a result, WLAN powered analytics is a booming resource.
Of course, new fronts in network technology also open up new vulnerabilities for exploitation from malicious hackers and processes. For example, one computing device can be configured to appear as several different stations by emulating multiple Wi-Fi network interface cards that are actually virtual. Each NIC card, having its own MAC address, can appear as a separate device to the network. In turn, analytics can be poisoned with the injection of false data.
What is needed is a robust technique for detecting analytics poisoning attacks by identifying emulated stations from tracking RSSI (received signal strength indicator) values.